def test_permission_for_user_himself(self): queue = QueueFactory(creator=self.user) count = 3 members = [UserFactory() for _ in range(count)] for member in members: password = fuzzy.FuzzyText().fuzz() member.set_password(password) member.save() token = self.client.post(reverse('api_auth_login_api_view'), data={ 'username': member.username, 'password': password }).json()['key'] res = self.client.put( reverse( 'api_queue_add_member_api_view', kwargs={'pk': str(queue.id)} ), data={'userId': member.id}, content_type='application/json', HTTP_AUTHORIZATION=self._get_auth_header(token) ) self.assertEqual(res.status_code, status.HTTP_200_OK) queue.refresh_from_db() self.assertEqual(len(queue.members), count)
def test_skip_turn_operation(self): queue = QueueFactory(creator=self.user) user_1, user_2 = UserFactory(), UserFactory() def _skip_turn(user): res = self.client.put( reverse('api_queue_skip_turn_api_view', kwargs={'pk': str(queue.id)}), data={ 'userId': str(user.id) }, content_type='application/json', HTTP_AUTHORIZATION=self.access_header ) self.assertEqual(res.status_code, status.HTTP_200_OK) queue.refresh_from_db() _skip_turn(user_1) self.assertEqual(queue.members, []) queue.push_member(str(user_1.id)) queue.save() for user in (user_1, user_2): _skip_turn(user) self.assertEqual(queue.members, [str(user_1.id)]) _skip_turn(user_1) self.assertEqual(queue.members, [str(user_1.id)]) queue.push_member(str(user_2.id)) queue.save() _skip_turn(user_2) self.assertEqual(queue.members, [str(user_2.id), str(user_1.id)]) _skip_turn(user_1) self.assertEqual(queue.members, [str(user_1.id), str(user_2.id)])
def test_update_queue(self): queue = QueueFactory(creator=self.user) new_name = fuzzy.FuzzyText().fuzz() res = self.client.patch( reverse( 'api_queue_retrieve_update_destroy_api_view', kwargs={'pk': str(queue.id)} ), data={'name': new_name}, content_type='application/json', HTTP_AUTHORIZATION=self.access_header ) self.assertEqual(res.status_code, status.HTTP_200_OK) queue.refresh_from_db() self.assertEqual(queue.name, new_name) self.assertEqual(res.json()['name'], new_name)
def test_pagination(self): count = 50 QueueFactory.create_batch(count, creator=self.user) for limit in range(1, count + 10): res = self.client.get( reverse('api_queue_list_create_api_view'), data={'limit': limit}, HTTP_AUTHORIZATION=self.access_header ) self.assertEqual(res.status_code, status.HTTP_200_OK) self.assertEqual(len(res.json()['results']), min(limit, count)) for offset in range(count + 1): res = self.client.get( reverse('api_queue_list_create_api_view'), data={'limit': count, 'offset': offset}, HTTP_AUTHORIZATION=self.access_header ) self.assertEqual(res.status_code, status.HTTP_200_OK) self.assertEqual(len(res.json()['results']), count - offset)
def test_delete_queue(self): queue = QueueFactory(creator=self.user) res = self.client.delete( reverse( 'api_queue_retrieve_update_destroy_api_view', kwargs={'pk': str(queue.id)} ), HTTP_AUTHORIZATION=self.access_header ) self.assertEqual(res.status_code, status.HTTP_204_NO_CONTENT) self.assertEqual(Queue.objects.count(), 0)
def test_filters(self): user = UserFactory() queue_1 = QueueFactory(creator=self.user) queue_2 = QueueFactory(creator=user) for filters, queue in ( ({ 'id': str(queue_1.id), 'name': queue_1.name, 'creatorId': str(self.user.id), 'creatorUsername': self.user.username }, queue_1), ({ 'id': str(queue_2.id), 'name': queue_2.name, 'creatorId': str(user.id), 'creatorUsername': user.username }, queue_2) ): res = self.client.get( reverse('api_queue_list_create_api_view'), data=filters, HTTP_AUTHORIZATION=self.access_header ) self.assertEqual(res.status_code, status.HTTP_200_OK) res = res.json() self.assertEqual(len(res), 1) self.assertEqual(res[0]['id'], str(queue.id)) res = self.client.get( reverse('api_queue_list_create_api_view'), data={'name': FuzzyText().fuzz()}, HTTP_AUTHORIZATION=self.access_header ) self.assertEqual(res.status_code, status.HTTP_200_OK) self.assertEqual(len(res.json()), 0)
def test_get_queue_details(self): queue = QueueFactory(creator=self.user) response = self.client.get(reverse( 'api_queue_retrieve_update_destroy_api_view', kwargs={'pk': str(queue.id)} ), HTTP_AUTHORIZATION=self.access_header) self.assertEqual(response.status_code, status.HTTP_200_OK) response = response.json() for key in ('name', 'members'): self.assertEqual(response[key], getattr(queue, key)) self.assertEqual(response['id'], str(queue.id)) self.assertEqual(response['isPrivate'], queue.is_private) self.assertEqual(response['creator']['id'], str(self.user.id))
def test_check_permission(self): queue = QueueFactory(creator=self.user) count = 3 members = [UserFactory() for _ in range(count)] for member in members: res = self.client.put( reverse( 'api_queue_add_member_api_view', kwargs={'pk': str(queue.id)} ), data={'userId': member.id}, content_type='application/json', HTTP_AUTHORIZATION=self.access_header ) self.assertEqual(res.status_code, status.HTTP_200_OK) queue.refresh_from_db() self.assertEqual(len(queue.members), count) for i in range(count): member = members[i] member_request = members[(i + 1) % len(members)] password = fuzzy.FuzzyText().fuzz() member_request.set_password(password) member_request.save() key = self.client.post(reverse('api_auth_login_api_view'), data={ 'username': member_request.username, 'password': password }).json()['key'] res = self.client.put( reverse( 'api_queue_remove_member_api_view', kwargs={'pk': str(queue.id)} ), data={'userId': member.id}, content_type='application/json', HTTP_AUTHORIZATION=self._get_auth_header(key) ) self.assertEqual(res.status_code, status.HTTP_403_FORBIDDEN) queue.refresh_from_db() self.assertEqual(len(queue.members), count)
def test_member_operations(self): queue = QueueFactory(creator=self.user) count = 3 users = UserFactory.create_batch(count) for user in users: res = self.client.put( reverse( 'api_queue_add_member_api_view', kwargs={'pk': str(queue.id)} ), data={'userId': str(user.id)}, content_type='application/json', HTTP_AUTHORIZATION=self.access_header ) self.assertEqual(res.status_code, status.HTTP_200_OK) queue.refresh_from_db() self.assertEqual(queue.members, list(map(lambda x: str(x.id), users[::-1]))) for user in users: res = self.client.put( reverse( 'api_queue_move_member_to_end_api_view', kwargs={'pk': str(queue.id)} ), data={'userId': str(user.id)}, content_type='application/json', HTTP_AUTHORIZATION=self.access_header ) self.assertEqual(res.status_code, status.HTTP_200_OK) queue.refresh_from_db() self.assertEqual(queue.members[0], str(user.id)) queue.refresh_from_db() self.assertEqual(queue.members, list(map(lambda x: str(x.id), users[::-1]))) queue.refresh_from_db() self.assertEqual(queue.members, list(map(lambda x: str(x.id), users[::-1]))) for i in range(count): user = users[i] res = self.client.put( reverse( 'api_queue_remove_member_api_view', kwargs={'pk': str(queue.id)} ), data={'userId': str(user.id)}, content_type='application/json', HTTP_AUTHORIZATION=self.access_header ) self.assertEqual(res.status_code, status.HTTP_200_OK) queue.refresh_from_db() self.assertEqual(len(queue.members), count - i - 1)
def test_is_teacher_permissions(self): user = UserFactory(is_teacher=True) password = fuzzy.FuzzyText().fuzz() user.set_password(password) user.save() key = self.client.post(reverse('api_auth_login_api_view'), data={ 'username': user.username, 'password': password }).json()['key'] queue = QueueFactory(creator=self.user) for token in (self._get_auth_header(key), self.access_header): res = self.client.put( reverse( 'api_queue_add_member_api_view', kwargs={'pk': str(queue.id)} ), data={'userId': str(user.id)}, content_type='application/json', HTTP_AUTHORIZATION=token ) self.assertEqual(res.status_code, status.HTTP_403_FORBIDDEN) user_1, user_2 = UserFactory(), UserFactory() queue.push_member(str(user_1.id)) queue.push_member(str(user_2.id)) queue.save() queue.refresh_from_db() self.assertEqual(queue.members, [str(user_2.id), str(user_1.id)]) res = self.client.put( reverse('api_queue_skip_turn_api_view', kwargs={'pk': str(queue.id)}), data={ 'userId': str(user_1.id) }, content_type='application/json', HTTP_AUTHORIZATION=self._get_auth_header(key) ) self.assertEqual(res.status_code, status.HTTP_200_OK) queue.refresh_from_db() self.assertEqual(queue.members, [str(user_1.id), str(user_2.id)]) res = self.client.put( reverse( 'api_queue_remove_member_api_view', kwargs={'pk': str(queue.id)} ), data={'userId': str(user_2.id)}, content_type='application/json', HTTP_AUTHORIZATION=self._get_auth_header(key) ) self.assertEqual(res.status_code, status.HTTP_200_OK) queue.refresh_from_db() self.assertEqual(queue.members, [str(user_1.id)])